Static task: static1
Behavioral task: behavioral1
Sample: beada59b5686eb8b08904741fe3b3003_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: beada59b5686eb8b08904741fe3b3003_JaffaCakes118
Size: 190KB
MD5: beada59b5686eb8b08904741fe3b3003
SHA1: 57b669eb3eabc3ee79133c049cdc9bd96b79ffb6
SHA256: 86a394eabc32540eee3034c9d146bbf198cf2ec2418cdfa5823faeeca48ae4f3
SHA512: e600e8ec82840168828b7c308d348f7bea5f3d5b950933f82e56d5914405d1880fc624d0fcccd22cafa5fcead17a4b86eeec8c4d8f753d52af7fe1d20244fe76
SSDEEP: 3072:6vQjLPp0tYtolRnwOzlLpyKf9eCud0rQs4T/SPE2tP:OILB0Ktol1wOBLpdf9kUmTs7tP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource beada59b5686eb8b08904741fe3b3003_JaffaCakes118
Files
beada59b5686eb8b08904741fe3b3003_JaffaCakes118.exe windows:4 windows x86 arch:x86
c21db7b5c36691f04c6b12cc2898dbdc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
SetLastError
HeapAlloc
VirtualAlloc
QueryPerformanceCounter
VirtualFree
GetCurrentProcessId
TlsAlloc
GetSystemTimeAsFileTime
VirtualQuery
EnumSystemLanguageGroupsW
IsBadWritePtr
GetWriteWatch
HeapReAlloc
HeapCreate
HeapDestroy
TlsFree
user32
SetWindowTextA
GetDlgItem
GetWindow
DestroyIcon
CreateWindowExA
LoadImageA
LoadStringA
GetParent
winmm
mciSendCommandA
shlwapi
PathAddBackslashW
shell32
SHGetMalloc
SHChangeNotify
SHGetPathFromIDListW
oleacc
CreateStdAccessibleObject
AccessibleChildren
Sections
.text Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ